Several companies in the retail industry are banding together to strengthen their defenses against hackers and data breaches. More than 50 of the largest retailers are participating in the Retail Cyber Intelligence Sharing Center, which will circulate information on recent attacks, threats, and hacking methods. It is the first such initiative for an industry that has been besieged by cyber-attacks resulting in massive data breaches at companies such as Target, Neiman Marcus, and Michaels Stores. More inside.

Several companies in the retail industry are banding together to strengthen their defenses against hackers and data breaches. More than 50 of the largest retailers are participating in the Retail Cyber Intelligence Sharing Center, which will circulate information on recent attacks, threats, and hacking methods. It is the first such initiative for an industry that has been besieged by cyber-attacks resulting in massive data breaches at companies such as Target, Neiman Markus, and Michaels Stores. More inside.

Florida has become the latest state to adopt its own data breach notification law in the absence of any federal legislation to that end. The Sunshine State’s law is more expansive than most, and the fundamental problem for compliance officers isn’t going away. “The key is understanding what the entire patchwork [of legislation] is and then trying to set some standards to account for all of them,” says Philip Zender of the law firm Squire Sanders.

Target is still dealing with the fallout from a massive data breach that could have compromised data for as many as 110 million customers, but the failure could have regulatory consequences for all. Sen. Patrick Leahy (D-Vt.) has already re-introduced data privacy legislation, and more could follow. "A comprehensive national strategy to protect data privacy and cyber-security remains one of the most challenging and important issues facing our nation," Leahy said.

The data security theft at Sony, which compromised the personal information of as many as 77 million users, is just the latest in a string of attacks on corporate databases. Even before that breach, Treasury officials were urging companies, especially those in the financial sector, to conduct periodic risk assessments of their information security programs and to institute other safeguards. Details inside.